From 484ecb5468538f39a0c4b94b9192f3f73b1cd3fc Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 15:07:14 +0200 Subject: [PATCH 1/9] add more transaction controller tests --- .../transactions_controller_spec.rb | 33 ++++++++++++++++--- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/spec/controllers/transactions_controller_spec.rb b/spec/controllers/transactions_controller_spec.rb index 7ba1232..fd1135d 100644 --- a/spec/controllers/transactions_controller_spec.rb +++ b/spec/controllers/transactions_controller_spec.rb @@ -1,4 +1,5 @@ require 'rails_helper' +require 'spec_helper' RSpec.describe TransactionsController, type: :controller do describe "creating transaction" do @@ -8,14 +9,36 @@ RSpec.describe TransactionsController, type: :controller do sign_in @debtor end - it "should create a valid transaction" do - expect do - put :create, { transaction: { + context "with valid attributes" do + before :each do + @attributes = { transaction: { creditor: @creditor.name, amount: 20, - message: "hoi" + message: 'hoi' }} - end.to change {Transaction.count}.by(1) + post :create, @attributes + @transaction = Transaction.last + end + + it "should create a new transaction" do + expect {post :create, @attributes}.to change {Transaction.count}.by(1) + end + + it "should set debtor" do + expect(@transaction.debtor).to eq(@debtor) + end + + it "should set amount" do + expect(@transaction.amount).to eq(20) + end + + it "should set creditor" do + expect(@transaction.creditor).to eq(@creditor) + end + + it "should set issuer" do + expect(@transaction.issuer).to eq(@debtor) + end end end end From 5b73f152637d7de10772d06b8426b80a42763ffe Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 15:13:50 +0200 Subject: [PATCH 2/9] remove sample contents from spec helpers --- spec/helpers/transactions_helper_spec.rb | 1 - spec/helpers/users_helper_spec.rb | 1 - 2 files changed, 2 deletions(-) diff --git a/spec/helpers/transactions_helper_spec.rb b/spec/helpers/transactions_helper_spec.rb index f29b78f..48c6c73 100644 --- a/spec/helpers/transactions_helper_spec.rb +++ b/spec/helpers/transactions_helper_spec.rb @@ -11,5 +11,4 @@ require 'rails_helper' # end # end RSpec.describe TransactionsHelper, type: :helper do - pending "add some examples to (or delete) #{__FILE__}" end diff --git a/spec/helpers/users_helper_spec.rb b/spec/helpers/users_helper_spec.rb index b2e3444..890768c 100644 --- a/spec/helpers/users_helper_spec.rb +++ b/spec/helpers/users_helper_spec.rb @@ -11,5 +11,4 @@ require 'rails_helper' # end # end RSpec.describe UsersHelper, type: :helper do - pending "add some examples to (or delete) #{__FILE__}" end From 028fc8c641cce61baeda8c79b187a3a7daae5e1e Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 15:21:08 +0200 Subject: [PATCH 3/9] test transaction controller with invalid requests --- .../transactions_controller_spec.rb | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/spec/controllers/transactions_controller_spec.rb b/spec/controllers/transactions_controller_spec.rb index fd1135d..07f353a 100644 --- a/spec/controllers/transactions_controller_spec.rb +++ b/spec/controllers/transactions_controller_spec.rb @@ -40,5 +40,26 @@ RSpec.describe TransactionsController, type: :controller do expect(@transaction.issuer).to eq(@debtor) end end + + context "with negative amount" do + it "should be refused" do + expect do + post :create, transaction: attributes_for(:transaction, amount: -20) + end.not_to change {Transaction.count} + end + end + + context "for other user" do + it "should be refused" do + expect do + post :create, transaction: { + debtor: @creditor, + creditor: @debtor, + amount: 10000000000000, + message: 'DIT IS OVERVAL' + } + end.not_to change {Transaction.count} + end + end end end From d4576f24539e2a8d62e3a48f9b8e3c7bd979e485 Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 15:25:02 +0200 Subject: [PATCH 4/9] update params in transaction controller spec --- spec/controllers/transactions_controller_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/controllers/transactions_controller_spec.rb b/spec/controllers/transactions_controller_spec.rb index 07f353a..de39b7c 100644 --- a/spec/controllers/transactions_controller_spec.rb +++ b/spec/controllers/transactions_controller_spec.rb @@ -12,6 +12,7 @@ RSpec.describe TransactionsController, type: :controller do context "with valid attributes" do before :each do @attributes = { transaction: { + debtor: @debtor.name, creditor: @creditor.name, amount: 20, message: 'hoi' From 661728772fa3d520c1ee92744078098e3dae8665 Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 15:31:23 +0200 Subject: [PATCH 5/9] add debtor input field for penning --- app/views/transactions/new.html.haml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/views/transactions/new.html.haml b/app/views/transactions/new.html.haml index 35defe4..4e4f5da 100644 --- a/app/views/transactions/new.html.haml +++ b/app/views/transactions/new.html.haml @@ -1,6 +1,9 @@ = @transaction.errors.full_messages.join(", ") = simple_form_for @transaction do |f| - = f.hidden_field :debtor, value: current_user.name + - if current_user.penning + = f.collection_select :debtor, User.all, :name, :name, {}, { class: 'select2-selector' } + - else + = f.hidden_field :debtor, value: current_user.name = f.collection_select :creditor, User.all, :name, :name, {}, { class: 'select2-selector' } = f.input :amount = f.input :message, required: true From 44e83e2aba5db24c9f61f5d5ab7ceda206acc073 Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 16:26:06 +0200 Subject: [PATCH 6/9] allow euros and cents in transaction params --- app/controllers/transactions_controller.rb | 10 ++++---- .../transactions_controller_spec.rb | 24 ++++++++++++++----- 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/app/controllers/transactions_controller.rb b/app/controllers/transactions_controller.rb index 7c1152f..394b608 100644 --- a/app/controllers/transactions_controller.rb +++ b/app/controllers/transactions_controller.rb @@ -34,12 +34,14 @@ class TransactionsController < ApplicationController def transaction_params t = params.require(:transaction) - .permit(:debtor, :creditor, :amount, :message) + .permit(:debtor, :creditor, :message, :euros, :cents) - t.update({ + { debtor: User.find_by(name: t[:debtor]) || User.zeus, creditor: User.find_by(name: t[:creditor]) || User.zeus, - issuer: current_client || current_user - }) + issuer: current_client || current_user, + amount: (t[:euros].to_f*100 + t[:cents].to_f).to_i, + message: t[:message] + } end end diff --git a/spec/controllers/transactions_controller_spec.rb b/spec/controllers/transactions_controller_spec.rb index de39b7c..19e3e6f 100644 --- a/spec/controllers/transactions_controller_spec.rb +++ b/spec/controllers/transactions_controller_spec.rb @@ -14,7 +14,7 @@ RSpec.describe TransactionsController, type: :controller do @attributes = { transaction: { debtor: @debtor.name, creditor: @creditor.name, - amount: 20, + cents: 70, message: 'hoi' }} post :create, @attributes @@ -30,7 +30,7 @@ RSpec.describe TransactionsController, type: :controller do end it "should set amount" do - expect(@transaction.amount).to eq(20) + expect(@transaction.amount).to eq(70) end it "should set creditor" do @@ -42,10 +42,22 @@ RSpec.describe TransactionsController, type: :controller do end end + context "with float euros" do + it "should set correct amount" do + post :create, transaction: { + debtor: @debtor.name, + creditor: @creditor.name, + euros: 10.5, + message: "Omdat je een leuke jongen bent!" + } + expect(Transaction.last.amount).to eq(1050) + end + end + context "with negative amount" do it "should be refused" do expect do - post :create, transaction: attributes_for(:transaction, amount: -20) + post :create, transaction: attributes_for(:transaction, cents: -20) end.not_to change {Transaction.count} end end @@ -54,9 +66,9 @@ RSpec.describe TransactionsController, type: :controller do it "should be refused" do expect do post :create, transaction: { - debtor: @creditor, - creditor: @debtor, - amount: 10000000000000, + debtor: @creditor.name, + creditor: @debtor.name, + euros: 10000000000000, message: 'DIT IS OVERVAL' } end.not_to change {Transaction.count} From e67a66095983de105ad8f01cdc0790d414293373 Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 16:28:11 +0200 Subject: [PATCH 7/9] Made bank robbery spec amount fit in database --- spec/controllers/transactions_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/controllers/transactions_controller_spec.rb b/spec/controllers/transactions_controller_spec.rb index 19e3e6f..e96cc51 100644 --- a/spec/controllers/transactions_controller_spec.rb +++ b/spec/controllers/transactions_controller_spec.rb @@ -68,7 +68,7 @@ RSpec.describe TransactionsController, type: :controller do post :create, transaction: { debtor: @creditor.name, creditor: @debtor.name, - euros: 10000000000000, + euros: 10000000, message: 'DIT IS OVERVAL' } end.not_to change {Transaction.count} From 3a0d5f1017c4fa84d7e5ca5e68be62ba83698f70 Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 16:51:41 +0200 Subject: [PATCH 8/9] add cancancan ability for creating transactions --- app/controllers/transactions_controller.rb | 1 + app/models/ability.rb | 1 + 2 files changed, 2 insertions(+) diff --git a/app/controllers/transactions_controller.rb b/app/controllers/transactions_controller.rb index 394b608..7b5626d 100644 --- a/app/controllers/transactions_controller.rb +++ b/app/controllers/transactions_controller.rb @@ -1,4 +1,5 @@ class TransactionsController < ApplicationController + load_and_authorize_resource skip_before_filter :verify_authenticity_token, only: :create before_action :authenticate_user!, except: :create diff --git a/app/models/ability.rb b/app/models/ability.rb index f04be4f..30128c4 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -8,6 +8,7 @@ class Ability can :manage, :all else can :read, user, id: user.id + can :create, Transaction, debtor: user end end end From 21e6432b41ecc399593146b3f65b39115cb71d8c Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Wed, 9 Sep 2015 16:56:55 +0200 Subject: [PATCH 9/9] fix ability when not logged in --- app/controllers/application_controller.rb | 8 +++----- app/models/ability.rb | 11 ++++------- 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 36957b0..c7cc410 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -16,10 +16,8 @@ class ApplicationController < ActionController::Base end def current_ability - if current_user - @current_ability ||= Ability.new(current_user) - elsif current_client - @current_ability ||= ClientAbility.new(current_client) - end + @current_ability ||= + current_client.try { |c| ClientAbility.new(c) } || + Ability.new(current_user) end end diff --git a/app/models/ability.rb b/app/models/ability.rb index 30128c4..c3a4c81 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -2,13 +2,10 @@ class Ability include CanCan::Ability def initialize(user) - user ||= User.new # guest user (not logged in) + return unless user - if user.penning? - can :manage, :all - else - can :read, user, id: user.id - can :create, Transaction, debtor: user - end + can :manage, :all if user.penning? + can :read, user, id: user.id + can :create, Transaction, debtor: user end end